{% hint style="info" %} Content is still under construction. More will be available soon. In the meantime, check out the Responder machine for a preview. {% endhint %}
For all the machines in all three tiers that Starting Point provides, we will be given tasks to answer that are meant to help us go through pwning the machine by providing hints to get us on the right track. Our objective is a bit different: we won't go through the questions unless we get absolutely stuck and don't know where to go from the information we have, which will most likely happen.
Then why do we intentionally do it?
Although the goal of this starting section is for newcomers to discover new tools, new protocols, and techniques, we have found that it contains quite a few unclear decisions and not-so-clear tactics. As new pentesting enthusiasts, we often don't know why we did it that way instead of our intuitive way, which is most of the time: getting a reverse shell, brute forcing a password—any password—using Hydra to get through any login page, getting clear-text credentials after an initial foothold, etc.
Our goal is to try what comes to our minds first and actually lose time on wrong tracks (not too much time) to finally get the right idea and ultimately learn a new technique.
We won't go through the machines just to answer the tasks; instead, we will strive to understand the reasons, the limits, and the pros of everything we do. This approach ensures that we actually learn something meaningful.